ECMP ਆਧਾਰ ਇਨਰੋਲਮਟ ਸਾਫਟਵੇਅਰ ਤਿੜਕੀ

Aadhaar enrollment operators use a software provided by the UIDAI to collect or update information about individuals to be entered or updated into the Aadhaar database. This software is called the ECMP (Enrollment Client Multi Platform) and theਯੂਆਈਡੀਏਆਈ ਸੁਪਰੀਮ ਕੋਰਟ 'ਚ ਦਾਅਵਾ ਕੀਤਾ ਹੈthat it is extremely secure, to the point that not even the enrollment operators have access to the biometrics collected by the software.

The software uses the Aadhaar operator’s biometrics to grant them access to perform enrollments or updation.

This software is now reported to be cracked and available to buy illegally in the form of a “jailbreak” version. WhatsApp groups of former Aadhaar operators have this software for sale for as little as Rs. 500 to 2000 a copy,ਏਸ਼ੀਆ ਟਾਈਮਜ਼ ਦੀ ਰਿਪੋਰਟ.

Details provided by the Asia Times report show that the security measures to prevent unauthorized access have been bypassed, as the cracked software comes preconfigured with valid biometrics and user credentials of authorized operators. A patch bypasses the geo-location constraints coded into the original software, allowing the illegal users to bypass checks that restrict access to authorized locations and centres.

If, this is correct, the UIDAI, may not be able to identify either those who created and distributed the software, or those who use it, as the identifying details being sent by the software are manipulated to reflect authorized operators.

The Asia Times claims to have had the software examined by two information security professionals who confirmed that the software had been successfully cracked and that the “Jailbreak” version of UIDAI’s ECMP software does indeed do what it promises – to allow anyone to access the system as an Aadhaar operator and register or update Aadhaar numbers as any authorized Aadhaar operator can do.

According to the experts Asia Times spoke with, who examined the cracked software, the disabling of UIDAI’s security is so complete that anyone could update the Aadhaar data from anywhere in the world without even have ever been to India.

ਪਾਵਰ

Vidyut is a commentator on socio-political issues with a keen understanding of tech and policy. She has been observing and commenting on Aadhaar since 2010 from a perspective of human rights, democracy and technological robustness.

Basic translations are automated if you'd like to volunteer to correct them, please email info@aadhaar.fail

Support Aadhaar FAIL!

Aadhaar FAIL is a volunteer run site. No one gets paid for creating or translating content. However, there are expenses related to servers, occasional software related expenses and it will be good to occasionally be able to pay someone to do time consuming and critical research. If you would like to support, please gift moneyਇਥੇ.

In October 2017, the RBI announced a high level task force that would study and help set up a transparent and comprehensive public credit registry (PCR). The RBI’s PCR was intended to be “an extensiveRead more…

The UIDAI keeps insisting that Aadhaar is secure. Biometics can’t be bypassed, enrolment software can’t be hacked, and so on. So I put together a quick list. This list is under construction. Keep checking forRead more…